SE468068C - Procedure for personalization of an active card, for use in a mobile telephone system - Google Patents

Procedure for personalization of an active card, for use in a mobile telephone system

Info

Publication number
SE468068C
SE468068C SE9102835A SE9102835A SE468068C SE 468068 C SE468068 C SE 468068C SE 9102835 A SE9102835 A SE 9102835A SE 9102835 A SE9102835 A SE 9102835A SE 468068 C SE468068 C SE 468068C
Authority
SE
Sweden
Prior art keywords
card
sim card
central computer
line
decryption
Prior art date
Application number
SE9102835A
Other languages
Swedish (sv)
Other versions
SE468068B (en
SE9102835L (en
SE9102835D0 (en
Inventor
L Sandberg
T Julin
B Almgren
Original Assignee
Comvik Gsm Ab
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Comvik Gsm Ab filed Critical Comvik Gsm Ab
Priority to SE9102835A priority Critical patent/SE468068C/en
Publication of SE9102835D0 publication Critical patent/SE9102835D0/en
Priority to EP93906325A priority patent/EP0606408B1/en
Priority to US08/211,375 priority patent/US5557679A/en
Priority to AU26990/92A priority patent/AU661048B2/en
Priority to AT93906325T priority patent/ATE189351T1/en
Priority to JP5506827A priority patent/JPH06511125A/en
Priority to PCT/SE1992/000656 priority patent/WO1993007697A1/en
Priority to DE69230618T priority patent/DE69230618D1/en
Priority to DE0606408T priority patent/DE606408T1/en
Priority to CA002115435A priority patent/CA2115435C/en
Priority to SG1995001987A priority patent/SG44338A1/en
Priority to NZ244523A priority patent/NZ244523A/en
Publication of SE468068B publication Critical patent/SE468068B/en
Publication of SE9102835L publication Critical patent/SE9102835L/en
Publication of SE468068C publication Critical patent/SE468068C/en
Priority to NO940473A priority patent/NO940473L/en
Priority to FI940804A priority patent/FI940804A/en
Priority to EE9400224A priority patent/EE9400224A/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/06Authentication
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/22Payment schemes or models
    • G06Q20/229Hierarchy of users of accounts
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/341Active cards, i.e. cards including their own processing means, e.g. including an IC or chip
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q20/00Payment architectures, schemes or protocols
    • G06Q20/30Payment architectures, schemes or protocols characterised by the use of specific devices or networks
    • G06Q20/34Payment architectures, schemes or protocols characterised by the use of specific devices or networks using cards, e.g. integrated circuit [IC] cards or magnetic cards
    • G06Q20/355Personalisation of cards for use
    • GPHYSICS
    • G07CHECKING-DEVICES
    • G07FCOIN-FREED OR LIKE APPARATUS
    • G07F7/00Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus
    • G07F7/08Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means
    • G07F7/10Mechanisms actuated by objects other than coins to free or to actuate vending, hiring, coin or paper currency dispensing or refunding apparatus by coded identity card or credit card or other personal identification means together with a coded signal, e.g. in the form of personal identification information, like personal identification number [PIN] or biometric data
    • G07F7/1008Active credit-cards provided with means to personalise their use, e.g. with PIN-introduction/comparison system
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0853Network architectures or network communication protocols for network security for authentication of entities using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATION NETWORKS
    • H04W12/00Security arrangements; Authentication; Protecting privacy or anonymity
    • H04W12/30Security of mobile devices; Security of mobile applications
    • H04W12/35Protecting application or service provisioning, e.g. securing SIM application provisioning

Abstract

PCT No. PCT/SE92/00656 Sec. 371 Date Mar. 30, 1994 Sec. 102(e) Date Mar. 30, 1994 PCT Filed Sep. 23, 1992 PCT Pub. No. WO93/07697 PCT Pub. Date Apr. 15, 1993Personalization of an active so-called SIM card for a mobile telephone system of the GSM type is effected in a place connected to the central computer of the system via a communication network. The card identity IMSI and card authentication key Ki are transferred in line-encrypted form to terminal equipment in that place, where the card is inserted in a reader. After line decryption, the result thereof is transferred to the card in a manner to prevent unauthorized listening-in. This can be done in a safety box or by double encryption of IMSI and Ki, the decryption thereof being performed within the card by means of a unique card key Ksim.

Description

468 068 10 15 20 25 30 35 SAMMANFATTNING AV UPPFINNINGEN Ovannämnda syfte uppnås genom ett förfarande som i enlighet med uppfinningen uppvisar de i bifogade patent- krav angivna särdragen. SUMMARY OF THE INVENTION The above object is achieved by a method which, in accordance with the invention, has the features stated in the appended claims.

Enligt uppfinningen skall sålunda inlagringen ske då kortet finns på ett personifieringsställe, som är fjärr- anslutet till centraldatorn via ett datakommunikationsnät, speciellt ett återförsäljarställe, varvid kortet införs i en läsare hörande till dataterminalutrustning ansluten till datakommunikationsnätet, IMSI och Ki och företrädes- vis även PUK överförs linjekrypterat från centraldatorn till dataterminalutrustningen, där linjedekryptering sker och resultatet av linjedekrypteringen överförs till SIM- kortet på ett sådant sätt att obehörig avlyssning är för- hindrad.According to the invention, the storage is thus to take place when the card is located at a personification point which is remotely connected to the central computer via a data communication network, in particular a retail point, the card being inserted into a reader belonging to data terminal equipment connected to the data communication network, IMSI and Ki and preferably also PU is transmitted line-encrypted from the central computer to the data terminal equipment, where line decryption takes place and the result of the line decryption is transferred to the SIM card in such a way that unauthorized eavesdropping is prevented.

En distribuerad personifiering av detta slag gör det möjligt att dela in IMSI-nummerserier geografiskt, vilket är av stor fördel dels i det att nätverkssignaleringen förenklas eller minskas, dels i det att servicenivån gent- emot en ny abonnent kan hållas mycket hög. Personifi- eringen kan nämligen ske direkt och utan väntetider be- tingade av översändande av kort, kodkuvert etc. från ett centralt ställe. Den direkta kommunikationen med central- datorn gör det också möjligt att snabbt och enkelt för- anstalta om olika specialtjänster. Överföringen av resultatet av linjedekrypteringen till SIM-kortet pà ett säkert sätt kan ske på olika sätt.A distributed personification of this kind makes it possible to divide IMSI number series geographically, which is of great advantage partly in that the network signaling is simplified or reduced, and partly in that the service level towards a new subscriber can be kept very high. The personification can namely take place directly and without waiting times due to the sending of cards, code envelopes, etc. from a central place. The direct communication with the central computer also makes it possible to quickly and easily pre-arrange various special services. The transfer of the line decryption result to the SIM card can be done securely in different ways.

Enligt ett första tänkt alternativ sker linjedekryp- teringen och resultatöverföringen till SIM-kortet i ett fysiskt slutet utrymme, varvid försök till obehörigt in- trång däri innebär att relevant information raderas och procesen avbryts och icke kan fortsättas utan att sär- skilda säkerhetsåtgärder vidtagits. Ett mekaniskt och elektroniskt skyddande av detta slag kan åstadkommas med hjälp av en särskild säkerhetslåda, vari berörda kretsar är inneslutna under personifieringen. 10 15 20 25 30 35 468 068 3 Enligt ett andra tänkt alternativ överförs resultatet av linjedekrypteringen krypterat till SIM-kortet, åtmins- tone vad gäller Ki. Detta sker företrädesvis genom att Ki och företrädesvis även PUK och ev. IMSI krypteras en extra gång i centraldatorn före den linjekrypterade överföringen till personifieringsstället, varvid det till SIM-kortet överförda resultatet av linjedekrypteringen dekrypteras inne i SIM-kortet med hjälp av en kortnyckel Ksim, som lämpligen lagrats i SIM-kortet i samband med tillverk- ningen därav. Denna kortnyckel Ksim är företrädesvis unik för resp. kort.According to a first imagined alternative, the line decryption and result transfer to the SIM card takes place in a physically closed space, whereby attempts to unauthorized intrusion into it mean that relevant information is deleted and the process can be interrupted and cannot be continued without special security measures taken. Mechanical and electronic protection of this kind can be achieved by means of a special safety box, in which affected circuits are enclosed during the personification. 10 15 20 25 30 35 468 068 3 According to a second alternative, the result of the line decryption is transmitted encrypted to the SIM card, at least in the case of Ki. This is preferably done by Ki and preferably also PUK and possibly IMSI is encrypted once more in the central computer before the line-encrypted transfer to the personification point, whereby the result of the line decryption transmitted to the SIM card is decrypted inside the SIM card by means of a Ksim card key, which is suitably stored in the SIM card in connection with the manufacture. hence. This card key Ksim is preferably unique to resp. short.

Dekrypteringen i SIM-kortet sker härvid med fördel med hjälp av kortnyckeln och en hemlig algoritm, som speciellt är den algoritm, vilken är avsedd för kryp- tering/dekryptering i samband med kortets normala använd- ning i mobiltelefonsystemet och varom finns uppgift i centraldatorn. Algoritmen är med fördel av typ A3/A8 enligt GSM-rekommendation.The decryption in the SIM card takes place with the help of the card key and a secret algorithm, which is especially the algorithm which is intended for encryption / decryption in connection with the card's normal use in the mobile phone system and about which there is information in the central computer. The algorithm is advantageously of type A3 / A8 according to GSM recommendation.

Enligt uppfinningen är det att föredraga att central- datorn före dubbelkrypteringen räknar ut erforderlig Ksim med utnyttjande av från personifieringsstället överförd SIM-kortsidentifiering, den "masterkey" medelst vilken SIM-kortet är framställt och den tillhörande algoritmen.According to the invention, it is preferable that the central computer, before the double encryption, calculates the required Ksim using SIM card identification transmitted from the personification point, the "master key" by means of which the SIM card is produced and the associated algorithm.

Det inses att centraldatorn kan ha separat tillförts uppgifter om såväl nämnda masterkey som ifrågavarande algoritm för nya SIM-kort efter framställningen därav hos korttillverkaren.It is understood that the central computer may have been separately supplied with information on both the said master key and the algorithm in question for new SIM cards after the manufacture thereof by the card manufacturer.

Det är emellertid också möjligt att ovannämnda till centraldatorn överförda SIM-kortsidentifiering kan inne- hålla sådan information, att centraldatorn därav kan sluta sig till vilken masterkey (bland ett antal möjiga) och vilken algoritm (bland ett antal möjliga) som är aktuell.However, it is also possible that the above-mentioned SIM card identification transmitted to the central computer may contain such information that the central computer can thereby deduce from which master key (among a number possible) and which algorithm (among a number possible) is relevant.

Det inses att detta innebär att nyckeln Ksim i säker- hetshöjande syfte kan förändras under den fortlöpande tillverkningen av SIM-korten._ 468 068 10 15 20 25 30 35 4 Ovannämnda SIM-kortsidentifiering kan utgöras av kortets serienummer, som härvid kan inbegripa speciella fält med information om t.ex. masterkey och/eller aktuell algoritm.It is understood that this means that the key Ksim can be changed for security purposes during the continuous manufacture of the SIM cards._ 468 068 10 15 20 25 30 35 4 The above-mentioned SIM card identification may consist of the card's serial number, which may include special fields. with information about e.g. masterkey and / or current algorithm.

Det inses att det i syfte att ytterligare öka säkerheten är möjligt att kombinera ovannämnda båda al- ternativ.It will be appreciated that in order to further increase safety, it is possible to combine the above-mentioned two alternatives.

Enligt uppfinningen är det vidare fördelaktigt att styra personifieringsförfarandet med hjälp av ett aktivt personifieringskort, som införs i en läsare hörande till dataterminalutrustningen och som innehåller åtminstone delar av linjekrypteringsfunktionen, speciellt en till- hörande nyckel, företrädesvis även tillhörande algoritm.According to the invention, it is further advantageous to control the personification method by means of an active personification card, which is inserted into a reader belonging to the computer terminal equipment and which contains at least parts of the line encryption function, in particular an associated key, preferably also an associated algorithm.

Varje person som sköter personifiering (t.ex. åter- försäljare) kan sålunda ha sitt eget unika aktiva kort, vilket därigenom kan användas dels för behörighetskontroll (aktiv och passiv autenticiering) dels såsom krypterings- enhet. Varje person kan därvid ha en individuell krypte- ringsnyckel, varigenom säkerheten höjs ytterligare.Each person who handles personification (eg resellers) can thus have their own unique active card, which can thereby be used partly for authorization control (active and passive authentication) and partly as an encryption unit. Each person can then have an individual encryption key, which further increases security.

Ytterligare särdrag hos uppfinningen kommer att framgå av följande närmare beskrivning av exemplifierande utföringsformer under hänvisning till bifogade ritning.Further features of the invention will become apparent from the following detailed description of exemplary embodiments with reference to the accompanying drawings.

KORT BESKRIVNING AV RITNINGEN Fig. 1 är ett schema som övergripande illustrerar en utföringsform av förfarandet enligt uppfinningen.BRIEF DESCRIPTION OF THE DRAWING Fig. 1 is a diagram generally illustrating an embodiment of the method according to the invention.

Fig. 2 är ett blockschema som utförigare illustrerar utföringsformen enligt Fig. 1.Fig. 2 is a block diagram illustrating in more detail the embodiment of Fig. 1.

Fig. 3 är ett blockschema som illustrerar en annan utföringsform av förfarandet enligt uppfinningen.Fig. 3 is a block diagram illustrating another embodiment of the method according to the invention.

BESKRIVNING AV UTFÖRINGSFORMER I Fig. l betecknar 1 ett mobiltelefonsystems cen- traldator, som via ett datakommunikationsnät 2 kommuni- cerar med ett antal återförsäljare 3, 4, 5, 6 och som dessutom står i förbindelse med en kundtjänst 7. 'a 10 15 20 25 30 35 .b- GX OO CD Ch OO 5 Varje återförsäljare har en dataterminalutrustning 9, till vilken är ansluten en läsare 10 för SIM-kort 11 och en linjekrypteringsutrustning 12, 13 bestående av en läsa- re 12 och ett aktivt återförsäljarkort 13. Ett tangetbord 14 för inmatning av en PIN-kod i ett aktuellt SIM-kort är anslutet till läsaren 10.DESCRIPTION OF EMBODIMENTS In Fig. 1, 1 denotes the central computer of a mobile telephone system, which communicates via a data communication network 2 with a number of retailers 3, 4, 5, 6 and which is also connected to a customer service 7. 'a 10 15 20 25 30 35 .b- GX OO CD Ch OO 5 Each dealer has a data terminal equipment 9, to which is connected a reader 10 for SIM card 11 and a line encryption equipment 12, 13 consisting of a reader 12 and an active dealer card 13. A keyboard 14 for entering a PIN code into a current SIM card is connected to the reader 10.

Centraldatorn 1 innehåller organ 15 för att beräkna Ksim utgående från kortinformation ICC-ID överförd från återförsäljarstället, organ 16 för att generera IMSI, Ki och PUK, organ 17 för kryptering av de senare med utnytt- jande av nyckeln Ksim och en A3/A8-algoritm, och organ 18 för DES-linjekryptering.The central computer 1 contains means 15 for calculating Ksim based on card information ICC-ID transmitted from the dealer point, means 16 for generating IMSI, Ki and PUK, means 17 for encrypting the latter using the key Ksim and an A3 / A8 algorithm, and means 18 for DES line encryption.

Centraldatorn ger information om PUK till kundtjäns- ten 7, som på en printer 19 skriver ut ett brev 20 med uppgift härom. Detta brev sänds per post till berörd kund.The central computer provides information about PUK to the customer service 7, which on a printer 19 prints a letter 20 with information about this. This letter is sent by post to the customer concerned.

Funktionen i enlighet med uppfinningen kommer nu att beskrivas närmare med hänvisning också till Fig. 2.The function according to the invention will now be described in more detail with reference also to Fig. 2.

Systemoperatören 21 informerar korttillverkaren 22 och centraldatorn 1 om masterkey, DES- och A3/A8-algoritm och centraldatorn även om återförsäljarkortnyckel Kl.The system operator 21 informs the card manufacturer 22 and the central computer 1 about the master key, DES and A3 / A8 algorithm and the central computer also about the dealer card key Kl.

Korttillverkaren räknar fram Ksim för resp. kort i en serie som skall sändas till en viss återförsäljare 3 baserat på DES-algoritmen, masterkey och kortserienummer.The card manufacturer calculates Ksim for resp. cards in a series to be sent to a specific dealer 3 based on the DES algorithm, master key and card serial number.

Ksim och A3/A8-algoritmen laddas in i kortet tillsammans med kortserienummer, innan kortet sänds till återför- säljaren. Återförsäljaren får från systemoperatören sitt per- sonliga aktiva kort 13 med tillhörande inlagd kortnyckel Kl och DES-algoritm för linjekrypteringen, varom sålunda den centrala datorn har uppgift.Ksim and the A3 / A8 algorithm are loaded into the card together with the card serial number, before the card is sent to the dealer. The reseller receives from the system operator his personal active card 13 with associated key card K1 and DES algorithm for line encryption, of which the central computer thus has information.

Då en återförsäljare skall för en ny abonnent per- sonifiera ett nytt SIM-kort, börjar han med att föra in sitt aktiva kort 13 i en läsare 12 hörande till återför- säljarterminalen och loggar in sig på sedvanligt sätt, varvid det aktiva kortet utgör autenticieringsmedel (ev. tillsammans med en för återförsäljaren unik PIN-kod som inmatas på terminalens tangentbord), därmed styrkande 468 068 10 15 20 25 30 35 6 àterförsäljarens behörighet.When a reseller has to personify a new SIM card for a new subscriber, he starts by inserting his active card 13 into a reader 12 belonging to the reseller terminal and logs in in the usual way, the active card being an authentication means. (possibly together with a PIN code unique to the reseller which is entered on the terminal's keyboard), thereby certifying the reseller's authorization.

Ett nytt SIM-kort ll införs nu i tillhörande läsare 10, varvid kortidentifierande information ICC-ID överförs fràn vissa vid korttillverkningen förprogrammerade fält i SIM-kortet via àterförsäljarterminalen 9 och nätet 2 till centraldatorn l. Relevanta abonnentdata i övrigt inmatas via terminalens tangentbord och sänds till centraldatorn för sedvanlig kontroll etc. Om abonnenten blir godkänd, sänds också av abonnenten valt eller godkänt nummer MSISDN till centraldatorn. ' I centraldatorn beräknas Ksim utgående fràn erhàllen information om masterkey, serienummer och DES-algoritm. Ki och PUK genereras som slumptal. IMSI tilldelas ur den IMSI-serie som lagts upp för återförsäljaren eller det område, vartill återförsäljaren hör.A new SIM card ll is now inserted in the associated reader 10, whereby card-identifying information ICC-ID is transferred from certain fields pre-programmed in the card-making in the SIM card via the retail terminal 9 and the network 2 to the central computer 1. Relevant subscriber data is otherwise entered via the terminal's keyboard and transmitted to the central computer for customary control, etc. If the subscriber is approved, the MSISDN number selected or approved by the subscriber is also sent to the central computer. In the central computer, Ksim is calculated based on information obtained about the master key, serial number and DES algorithm. Ki and PUK are generated as random numbers. IMSI is assigned from the IMSI series set up for the reseller or the area to which the reseller belongs.

IMSI, Ki och PUK krypteras med utnyttjande av Ksim och den valda A3/A8-algoritmen. Sålunda krypterade IMSI, Ki och PUK och övriga data som skall överföras linjekryp- teras därefter med utnyttjande av nyckeln Kl och DES- -algoritmen och överförs via datakommunikationsnätet till återförsäljarterminalen, där linjedekryptering sker med utnyttjande av àterförsäljarens aktiva korts 13 kortnyckel Kl och DES-algoritm.IMSI, Ki and PUK are encrypted using Ksim and the selected A3 / A8 algorithm. Thus, IMSI, Ki and PUK encrypted and other data to be transmitted are line encrypted using the key K1 and the DES algorithm and transmitted via the data communication network to the dealer terminal, where line decryption takes place using the reseller's active card Kl1 D card algorithm 13 .

Via läsaren 10 kan nu dekrypterade övriga data inlad- das direkt i SIM-kortet, under det att IMSI, Ki och PUK i alltjämt krypterad form överförs till SIM-kortet för de- kryptering däri med utnyttjande av kortets nyckel Ksim och den tillhörande A3/A8-algoritmen. Denna senare är med för- del lika med den för kortets normala användning avsedda algoritmen, vilken är unik för systemoperatören och vilken kan varieras för olika kortserier om så önskas.Via the reader 10, decrypted other data can now be loaded directly into the SIM card, while IMSI, Ki and PUK in still encrypted form are transferred to the SIM card for decryption therein using the card key Ksim and the associated A3 / The A8 algorithm. The latter is advantageously equal to the algorithm intended for the normal use of the card, which is unique to the system operator and which can be varied for different card series if desired.

Efter dekrypteringen laddas IMSI, Ki och PUK in i tillhörande aatašält i.s1M4kortet.After decryption, IMSI, Ki and PUK are loaded into the corresponding aatašält i.s1M4 card.

Via PIN-tangentbordet 13 kan abonnenten själv inladda valfri PIN-kod i SIM-kortet helt konfidentiellt. Kortet är härmed klart för användning. Den av centraldatorn tillde- lade PUK-koden får abonnenten sig tillsänd per post efter *Ål g... 10 15 20 25 30 35 någon dag.Via the PIN keyboard 13, the subscriber can enter any PIN code in the SIM card completely confidentially. The card is now ready for use. The PUK code assigned by the central computer may be sent to the subscriber by post after * Ål g ... 10 15 20 25 30 35 some day.

'Den i fig. 3 illustrerade alternativa utföringsformen av uppfinningen skiljer sig frán den enligt fig 1 och 2 i det att ingen dubbelkryptering förekommer. Överföringen av Ki, IMSI och PUK till SIM-kortet 11 efter linjedekrypte- ringen, som sker med utnyttjande av áterförsäljarkortet 13 infört i dess läsare 12, sker i stället skyddat, genom att kortläsaren 12 med dess kort 13 och SIM-kortet ll i dess läsare 10 (som är ansluten till läsaren 12) är mekaniskt och elektroniskt skyddat inneslutna i en säkerhetslàda 31 under personifieringsförfarandet.The alternative embodiment of the invention illustrated in Fig. 3 differs from that of Figs. 1 and 2 in that no double encryption occurs. The transfer of Ki, IMSI and PUK to the SIM card 11 after the line decryption, which takes place using the dealer card 13 inserted in its reader 12, takes place instead protected, by the card reader 12 with its card 13 and the SIM card ll in its reader 10 (which is connected to reader 12) is mechanically and electronically protected enclosed in a safety box 31 during the personification process.

Säkerhetslàdan 31 kan såsom fackmannen utan vidare inser vara utförd pà mànga olika sätt, vilket även gäller för sådana organ som bör vara anordnade för att avbryta processen och radera känsliga data vid försök till intrång i säkerhetsládan.The safety box 31 can, as the person skilled in the art will readily realize, be designed in many different ways, which also applies to such means which should be arranged to interrupt the process and delete sensitive data when attempting to break into the safety box.

Det inses att de båda beskrivna alternativen skulle kunna kombineras, om ytterligare säkerhet önskas på åter- försäljarstället och/eller under överföringen via datakom- munikationsnätet.It will be appreciated that the two options described could be combined, if additional security is desired at the point of sale and / or during the transmission via the data communication network.

Claims (11)

._ ,.._....\ f. _ .tunna-ara 1. .ua w. mi.. www 1~ 468 068 10 15 20 25 30 35 8 PATENTKRAV._, .._.... \ f. _ .tunna-ara 1. .ua w. mi .. www 1 ~ 468 068 10 15 20 25 30 35 8 PATENTKRAV 1. Förfarande för personifiering av ett aktivt kort, ett s k SIM-kort, för användning i ett mobiltelefon- system, speciellt av GSM-typ, vilket inbegriper en cenf traldator, varvid kortets unika identitet, s k IMSI, och kortets unika autenticieringsnyckel, s k Ki, inlagras i kortet från centraldatorn, k ä n n-e t e c k n a t av att inlagringen sker då kortet finns på ett personi- fieringsställe som är fjärranslutet till centraldatorn via ett datakommunikationsnät, t ex ett àterförsäljarställe, varvid kortet införs i en läsare hörande till datatermi- nalutrustning ansluten till datakommunikationsnätet; IMSI och Ki överförs linjekrypterat från centraldatorn till dataterminalutrustningen, där linjedekryptering sker; och resultatet av linjedekrypteringen överförs till SIM-kortet Apà ett sådant sätt att obehörig avlyssning är förhindrad, åtminstone vad käller Ki.Method for personifying an active card, a so-called SIM card, for use in a mobile telephone system, especially of the GSM type, which includes a central computer, wherein the card's unique identity, so-called IMSI, and the card's unique authentication key, so-called Ki, is stored in the card from the central computer, characterized in that the storage takes place when the card is located at a personification point which is remotely connected to the central computer via a data communication network, for example a retail point, whereby the card is inserted into a reader belonging to computer terminal equipment connected to the data communication network; IMSI and Ki are transmitted line-encrypted from the central computer to the data terminal equipment, where line decryption takes place; and the result of the line decryption is transferred to the SIM card Apà in such a way that unauthorized eavesdropping is prevented, at least from the source Ki. 2. Förfarande enligt krav 1, k ä n n e t e c k - n a t av att linjedekrypteringen och resultatöverföringen till SIM-kortet sker i ett fysiskt slutet utrymme, tlex i en säkerhetslàda, varvid försök till obehörigt intrång däri innebär att relevant information raderas.Method according to claim 1, characterized in that the line decryption and the result transfer to the SIM card takes place in a physically closed space, tlex in a security drawer, wherein attempts to unauthorized intrusion therein means that relevant information is deleted. 3. Förfarande enligt krav 1 eller 2, k ä n n e - t e c k n a t av att resultatet av linjedekrypteringen överförs krypterat till SIM-kortet.Method according to Claim 1 or 2, characterized in that the result of the line decryption is transmitted encrypted to the SIM card. 4. Förfarande enligt krav 3, k ä n n e t e c k - n a t av att Ki och företrädesvis även IMSI dubbelkryp- teras i centraldatorn före överföringen till personifi- eringsstället, varvid det till SIM-kortet överförda resul- tatet av linjedekrypteringen dekrypteras i SIM-kortet med hjälp av en kortnyckel Ksim, vilken företrädesvis lagrats i SIM-kortet i samband med tillverkningen därav.Method according to claim 3, characterized in that Ki and preferably also IMSI are double-encrypted in the central computer before the transfer to the personification point, wherein the result of the line decryption transmitted to the SIM card is decrypted in the SIM card by means of of a card key Ksim, which is preferably stored in the SIM card in connection with the manufacture thereof. 5. Förfarande enligt krav 4, k ä n_n e t e c k - n a t av att dekrypteringen i SIMfkortet sker med hjälp av en för kortet unik nyckel Ksim och en för kortets normala användning avsedd algoritm. 10 15 20 25 »ao 35 .rs CN C D CD -CN COMethod according to claim 4, characterized in that the decryption in the SIM card takes place by means of a key Ksim unique to the card and an algorithm intended for the normal use of the card. 10 15 20 25 »ao 35 .rs CN C D CD -CN CO 6. Förfarande enligt krav S, k ä n n e t e c k - n a t av att centraldatorn före krypteringen räknar ut Ksim med utnyttjande av från personifieringsstället över- förd SIM-kortsidentifiering, den masterkey medelst vilken SIM-kortet är framställt och varom information införts i centraldatorn, och tillhörande algoritm.Method according to Claim S, characterized in that the central computer calculates Ksim before the encryption using SIM card identification transmitted from the personification point, the master key by means of which the SIM card is produced and about which information is entered into the central computer, and associated algorithm. 7. Förfarande enligt något av föregående krav, k ä n n e t e c k n a t av att det styrs medelst ett ak- tivt personifieringskort, som införs i en läsare hörande till dataterminalutrustningen och som innehåller åtmins- tone delar av linjekrypteringsfunktionen.Method according to one of the preceding claims, characterized in that it is controlled by means of an active personalization card, which is inserted into a reader belonging to the data terminal equipment and which contains at least parts of the line encryption function. 8. Förfarande enligt krav 7, k ä n n e t e c k - n a t av att man använder ett personifieringskort med en DES-algoritm.Method according to claim 7, characterized in that a personification card with a DES algorithm is used. 9. Förfarande enligt krav 2 och krav 7 eller 8, k ä n n e t e c k n a t av att man placerar de båda läsarna och kommunikationsvägen dem emellan i det fysiskt slutna utrymmet.9. A method according to claim 2 and claim 7 or 8, characterized in that the two readers and the communication path between them are placed in the physically closed space. 10. Förfarande enligt något av föregående krav, k ä n n e t e c k n a t av att man medelst ett till data- terminalutrustningen hörande tangentbord inlagrar en s k PIN-kod i det aktiva SIM-kortet.Method according to one of the preceding claims, characterized in that a so-called PIN code is stored in the active SIM card by means of a keyboard belonging to the data terminal equipment. 11. ll. k ä n n e t e c k n a t av att man från centraldatorn till SIM-kortet överför en s k PUK-kod på samma sätt som angivits för Xi. Förfarande enligt något av föregående krav,11. ll. FEATURES of transferring a so-called PUK code from the central computer to the SIM card in the same way as specified for Xi. A method according to any one of the preceding claims,
SE9102835A 1991-09-30 1991-09-30 Procedure for personalization of an active card, for use in a mobile telephone system SE468068C (en)

Priority Applications (15)

Application Number Priority Date Filing Date Title
SE9102835A SE468068C (en) 1991-09-30 1991-09-30 Procedure for personalization of an active card, for use in a mobile telephone system
US08/211,375 US5557679A (en) 1991-09-30 1992-09-23 Method for personalization of an active card
DE0606408T DE606408T1 (en) 1991-09-30 1992-09-23 METHOD FOR PERSONALIZING AN ACTIVE CARD.
SG1995001987A SG44338A1 (en) 1991-09-30 1992-09-23 Method for personalisation of an active card
AU26990/92A AU661048B2 (en) 1991-09-30 1992-09-23 Method for personalisation of an active card
AT93906325T ATE189351T1 (en) 1991-09-30 1992-09-23 METHOD FOR PERSONALIZING AN ACTIVE CARD
JP5506827A JPH06511125A (en) 1991-09-30 1992-09-23 How to individualize active cards
PCT/SE1992/000656 WO1993007697A1 (en) 1991-09-30 1992-09-23 Method for personalisation of an active card
DE69230618T DE69230618D1 (en) 1991-09-30 1992-09-23 METHOD FOR PERSONALIZING AN ACTIVE CARD
EP93906325A EP0606408B1 (en) 1991-09-30 1992-09-23 Method for personalisation of an active card
CA002115435A CA2115435C (en) 1991-09-30 1992-09-23 Method for personalisation of an active card
NZ244523A NZ244523A (en) 1991-09-30 1992-09-28 Personalisation of active cards for use in mobile telephony
NO940473A NO940473L (en) 1991-09-30 1994-02-11 Procedure for Person Assignment of an Active User Card
FI940804A FI940804A (en) 1991-09-30 1994-02-21 A method for identifying a smart card
EE9400224A EE9400224A (en) 1991-09-30 1994-11-17 Smart card personalization method

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
SE9102835A SE468068C (en) 1991-09-30 1991-09-30 Procedure for personalization of an active card, for use in a mobile telephone system

Publications (4)

Publication Number Publication Date
SE9102835D0 SE9102835D0 (en) 1991-09-30
SE468068B SE468068B (en) 1992-10-26
SE9102835L SE9102835L (en) 1992-10-26
SE468068C true SE468068C (en) 1994-01-13

Family

ID=20383871

Family Applications (1)

Application Number Title Priority Date Filing Date
SE9102835A SE468068C (en) 1991-09-30 1991-09-30 Procedure for personalization of an active card, for use in a mobile telephone system

Country Status (13)

Country Link
US (1) US5557679A (en)
EP (1) EP0606408B1 (en)
JP (1) JPH06511125A (en)
AT (1) ATE189351T1 (en)
AU (1) AU661048B2 (en)
CA (1) CA2115435C (en)
DE (2) DE69230618D1 (en)
EE (1) EE9400224A (en)
FI (1) FI940804A (en)
NZ (1) NZ244523A (en)
SE (1) SE468068C (en)
SG (1) SG44338A1 (en)
WO (1) WO1993007697A1 (en)

Families Citing this family (66)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
RU2116008C1 (en) 1992-11-11 1998-07-20 Телеком Финланд Ой Mobile telephone communication system, payment technique for terminal equipment of mobile telephone exchange, and system implementing it
EP2296388A3 (en) * 1993-06-15 2011-03-30 Celltrace LLC Telecommunications system
DE4335161A1 (en) * 1993-10-15 1995-04-20 Joachim Linz Method and installation for authenticating connections which can be set up via a telephone network
JP3052244B2 (en) * 1993-11-10 2000-06-12 富士通株式会社 Method for registering mobile device and method for registering IC card in mobile communication system
IT1269422B (en) * 1994-01-11 1997-04-01 Alfi Srl Process for producing devices for identification of authenticity for the use of services in general, guaranteed without recourse to the manufacturer of the device to provide assurance of its validity, and device produced
DE4406601A1 (en) * 1994-03-01 1995-09-07 Deutsche Bundespost Telekom Mutual authentication procedures
GB2304257A (en) * 1995-08-08 1997-03-12 Northern Telecom Ltd Method of Effecting SIM Card Replacement
FI102235B1 (en) 1996-01-24 1998-10-30 Nokia Telecommunications Oy Management of authentication keys in a mobile communication system
JP2991099B2 (en) * 1996-01-26 1999-12-20 富士ゼロックス株式会社 Signature device and method
EP1762988A1 (en) * 1996-04-15 2007-03-14 NBS Technologies (US) Inc. System and apparatus for smart card personalization
US5889941A (en) 1996-04-15 1999-03-30 Ubiq Inc. System and apparatus for smart card personalization
JP3440763B2 (en) * 1996-10-25 2003-08-25 富士ゼロックス株式会社 Encryption device, decryption device, confidential data processing device, and information processing device
NL1004365C2 (en) * 1996-10-25 1998-04-28 Theodorus Oscar Sikkema Device for loading general programmes and personal data into memory of chip card and similar
US6075860A (en) * 1997-02-19 2000-06-13 3Com Corporation Apparatus and method for authentication and encryption of a remote terminal over a wireless link
AU733803B2 (en) * 1997-05-09 2001-05-24 Connotech Experts-Conseils Inc. Initial secret key establishment including facilities for verification of identity
CN1104792C (en) * 1997-05-09 2003-04-02 友讯科技股份有限公司 Detection method of network card
DE19720431A1 (en) * 1997-05-15 1998-11-19 Beta Research Ges Fuer Entwick Device and method for personalizing chip cards
DE19733662C2 (en) 1997-08-04 2001-05-23 Deutsche Telekom Mobil Method and device for personalization of GSM chips by the customer
EP1023703B1 (en) * 1997-10-14 2004-06-09 Visa International Service Association Personalization of smart cards
US6925568B1 (en) * 1998-01-16 2005-08-02 Sonera Oyj Method and system for the processing of messages in a telecommunication system
FI980085A0 (en) * 1998-01-16 1998-01-16 Finland Telecom Oy Encryption in card form and annulling in encryption
FR2774238B1 (en) 1998-01-26 2000-02-11 Alsthom Cge Alcatel METHOD FOR TRANSFERRING INFORMATION BETWEEN A SUBSCRIBER IDENTIFICATION MODULE AND A MOBILE RADIO COMMUNICATION TERMINAL, CORRESPONDING SUBSCRIBER IDENTIFICATION MODULE AND MOBILE TERMINAL
US6196459B1 (en) * 1998-05-11 2001-03-06 Ubiq Incorporated Smart card personalization in a multistation environment
CA2466390C (en) * 1998-07-03 2009-10-06 Nokia Mobile Phones Ltd. Secure session set up based on the wireless application protocol
US7020441B2 (en) * 1998-09-03 2006-03-28 Casabyte, Inc. Test system for remotely testing switches within a telecommunications network
FR2786292B1 (en) * 1998-11-24 2000-12-29 St Microelectronics Sa INTEGRATED CIRCUIT TEST AND CUSTOMIZATION SYSTEM
GB9914262D0 (en) * 1999-06-18 1999-08-18 Nokia Mobile Phones Ltd WIM Manufacture certificate
GB9925227D0 (en) 1999-10-25 1999-12-22 Internet Limited Data storage retrieval and access system
US6915272B1 (en) * 2000-02-23 2005-07-05 Nokia Corporation System and method of secure payment and delivery of goods and services
NO313480B1 (en) * 2001-01-24 2002-10-07 Telenor Asa Procedure for opening all or part of a smart card
JP2002232861A (en) * 2001-01-30 2002-08-16 Hitachi Ltd Video information distributing device and operation device
DE10123664A1 (en) * 2001-05-15 2002-11-21 Giesecke & Devrient Gmbh Method for generating a signature code for a signature card uses a code-generating unit and a signature card to create a secrete code as well as a session code and encoded transmission of the generated code to the signature card.
US6963740B1 (en) * 2001-07-31 2005-11-08 Mobile-Mind, Inc. Secure enterprise communication system utilizing enterprise-specific security/trust token-enabled wireless communication devices
JP2003087238A (en) * 2001-09-11 2003-03-20 Hitachi Ltd Security realizing system in domestic network
FR2837009A1 (en) * 2002-03-11 2003-09-12 Schlumberger Systems & Service Updating of an authentication algorithm in an information system, uses storage of replacement algorithm before first authentication algorithm is inhibited and replacement algorithm activated
EP1353303A1 (en) * 2002-04-10 2003-10-15 SCHLUMBERGER Systèmes A method of assigning an account to a new identification device
AU2003226577A1 (en) * 2002-04-10 2003-10-20 Axalto Sa Method and devices for replacing an old identification device by a new identification device
US7363055B2 (en) * 2002-05-09 2008-04-22 Casabyte, Inc. Method, apparatus and article to remotely associate wireless communications devices with subscriber identities and/or proxy wireless communications devices
US7147148B2 (en) * 2002-09-20 2006-12-12 Ruediger Guenter Kreuter Remote personalization and issuance of identity documents
US20040083296A1 (en) * 2002-10-25 2004-04-29 Metral Max E. Apparatus and method for controlling user access
FR2847756B1 (en) * 2002-11-22 2005-09-23 Cegetel Groupe METHOD FOR ESTABLISHING AND MANAGING A MODEL OF CONFIDENCE BETWEEN A CHIP CARD AND A RADIO TERMINAL
FI113756B (en) * 2003-01-02 2004-06-15 Kone Corp Procedure for remote monitoring of elevators and / or escalators and / or escalators
TW595195B (en) * 2003-04-04 2004-06-21 Benq Corp Network lock method and related apparatus by ciphered network lock and inerasable deciphering key
SG135038A1 (en) * 2004-08-10 2007-09-28 Nanyang Polytechnic System and method of identifying the user/possessor of a mobile station
FR2879867A1 (en) * 2004-12-22 2006-06-23 Gemplus Sa CHIP CARD ALLOCATION SYSTEM TO A NETWORK OPERATOR
FR2880503A1 (en) * 2005-01-05 2006-07-07 France Telecom METHOD OF SECURING COMMUNICATION BETWEEN A SIM CARD AND A MOBILE TERMINAL
WO2006089065A1 (en) * 2005-02-17 2006-08-24 Casabyte, Inc. Methods and apparatuses to remotely test communications networks using digital fingerprints of content
US7628322B2 (en) 2005-03-07 2009-12-08 Nokia Corporation Methods, system and mobile device capable of enabling credit card personalization using a wireless network
DE102005032311A1 (en) * 2005-07-11 2007-01-25 Giesecke & Devrient Gmbh Method for the subsequent implementation of a SIM functionality in a security module
US7689205B2 (en) 2005-12-23 2010-03-30 Morgan Stanley Systems and methods for configuration of mobile computing devices
DE102006024041B4 (en) 2006-05-23 2016-04-07 Giesecke & Devrient Gmbh Method for personalizing a security module of a telecommunication terminal
FR2908209B1 (en) * 2006-11-07 2009-02-13 Oberthur Card Syst Sa PORTABLE ELECTRONIC ENTITY AND METHOD FOR CUSTOMIZING SUCH AN ELECTRONIC ENTITY
US8331989B2 (en) 2007-06-15 2012-12-11 Intel Corporation Field programming of a mobile station with subscriber identification and related information
US8140064B2 (en) * 2008-01-27 2012-03-20 Sandisk Il Ltd. Methods and apparatus to use an identity module in telecommunication services
US8457621B2 (en) * 2008-01-27 2013-06-04 Sandisk Il Ltd. Generic identity module for telecommunication services
EP2200253A1 (en) * 2008-12-19 2010-06-23 Gemalto SA Method of managing sensitive data in an electronic token
DE102010019195A1 (en) * 2010-05-04 2011-11-10 Giesecke & Devrient Gmbh Method for personalizing a portable data carrier, in particular a chip card
KR101663012B1 (en) * 2010-11-15 2016-10-06 삼성전자 주식회사 Data Communication Setting Control Method based on the Subscribe Identification And Portable Device supporting the same
DE102011009486A1 (en) * 2011-01-26 2012-07-26 Vodafone Holding Gmbh Method for configuring a communication device and communication device
EP2632194A1 (en) * 2012-02-21 2013-08-28 Gemalto SA Method for personalizing a secure element cooperating with an equipment
FR2994047B1 (en) * 2012-07-24 2015-09-04 Oberthur Technologies CUSTOMIZATION DEVICE FOR SECURE MODULE
FR2994048A1 (en) * 2012-07-24 2014-01-31 Oberthur Technologies Method for personalization of e.g. SIM card placed in mobile phone or sales package in shop, involves transmitting subscription profile from personalization device to module, and not providing communication unit in contact with near field
EP2747368A1 (en) * 2012-12-19 2014-06-25 Gemalto SA Method for customising a security element
US9870487B2 (en) 2014-12-30 2018-01-16 Data I/O Corporation Automated manufacturing system with adapter security mechanism and method of manufacture thereof
FR3045252B1 (en) * 2015-12-10 2019-05-03 Idemia France METHOD OF CUSTOMIZING A SECURITY DOCUMENT
IT201800004046A1 (en) * 2018-03-28 2019-09-28 St Microelectronics Srl PROCEDURE FOR CUSTOMIZING INTEGRATED CIRCUIT CARDS, CORRESPONDING SYSTEM AND IT PRODUCT

Family Cites Families (12)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
DE3013211A1 (en) * 1980-04-03 1981-10-08 GAO Gesellschaft für Automation und Organisation mbH, 8000 München METHOD FOR HANDLING A PERSONAL IDENTIFICATION NUMBER (PIN) IN CONNECTION WITH AN ID CARD
FR2526977B1 (en) * 1982-05-14 1988-06-10 Cii Honeywell Bull METHOD AND DEVICE FOR AUTHENTICATING OR CERTIFYING AT LEAST INFORMATION CONTAINED IN A MEMORY OF AN ELECTRONIC MEDIUM IN PARTICULAR REMOVABLE AND PORTABLE SUCH AS A CARD
US5020105A (en) * 1986-06-16 1991-05-28 Applied Information Technologies Corporation Field initialized authentication system for protective security of electronic information networks
US4731841A (en) * 1986-06-16 1988-03-15 Applied Information Technologies Research Center Field initialized authentication system for protective security of electronic information networks
JPS63236186A (en) * 1987-03-24 1988-10-03 Mitsubishi Electric Corp Card issuing device
US5227613A (en) * 1989-01-24 1993-07-13 Matsushita Electric Industrial Co., Ltd. Secure encrypted data communication system having physically secure ic cards and session key generation based on card identifying information
US5060264A (en) * 1990-01-05 1991-10-22 Motorola, Inc. Radiotelephone controller configured for coresident secure and nonsecure modes
FR2668002B1 (en) * 1990-10-10 1994-05-06 Gerald Mazziotto RADIOTELEPHONE INSTALLATION WITH SECURE PREPAYMENT SERVICE.
US5237612A (en) * 1991-03-29 1993-08-17 Ericsson Ge Mobile Communications Inc. Cellular verification and validation system
US5241598A (en) * 1991-05-22 1993-08-31 Ericsson Ge Mobile Communications, Inc. Rolling key resynchronization in cellular verification and validation system
CA2078195C (en) * 1991-11-27 1999-03-09 Jack Kozik Arrangement for detecting fraudulently identified mobile stations in a cellular mobile telecommunications network
FR2696067B1 (en) * 1992-09-21 1994-11-25 France Telecom Telecommunication installation with secure download of prepayment means and corresponding download method.

Also Published As

Publication number Publication date
US5557679A (en) 1996-09-17
JPH06511125A (en) 1994-12-08
AU2699092A (en) 1993-05-03
SG44338A1 (en) 1997-12-19
FI940804A0 (en) 1994-02-21
CA2115435A1 (en) 1993-04-15
DE606408T1 (en) 1995-03-16
EP0606408A1 (en) 1994-07-20
SE468068B (en) 1992-10-26
CA2115435C (en) 1998-09-15
AU661048B2 (en) 1995-07-13
ATE189351T1 (en) 2000-02-15
SE9102835L (en) 1992-10-26
DE69230618D1 (en) 2000-03-02
FI940804A (en) 1994-02-21
EP0606408B1 (en) 2000-01-26
WO1993007697A1 (en) 1993-04-15
EE9400224A (en) 1996-02-15
SE9102835D0 (en) 1991-09-30
NZ244523A (en) 1996-02-27

Similar Documents

Publication Publication Date Title
SE468068C (en) Procedure for personalization of an active card, for use in a mobile telephone system
US5386468A (en) Method of registering identification number in personal communication terminal
CA2120667C (en) Method for preventing inadvertent betrayal by a trustee of escrowed digital secrets
US5249230A (en) Authentication system
EP0722596A1 (en) Method and system for secure, decentralised personalisation of smart cards
SE426128B (en) METHOD FOR TRANSFER OF DATA MESSAGES BETWEEN TWO STATIONS, AND TRANSFER PLANT FOR EXECUTING THE METHOD
US20060168658A1 (en) Protection of data to be stored in the memory of a device
US6018583A (en) Secure computer network
US20030185398A1 (en) Encryption
US20100011449A1 (en) Chip Card Having A First User Function, Method For Selecting An Identifier, And Computer System
US7503066B2 (en) Deactivation system
CA2225001A1 (en) System for identifying the user of postal equipment
JP4558214B2 (en) First use protection device for processor smart card
US20040013269A1 (en) Device and method for securing information associated with a subscriber in a communication apparatus
EP0645688A1 (en) Method for the identification of users of telematics servers
CN107682156A (en) A kind of encryption communication method and device based on SM9 algorithms
GB2216754A (en) Data-processing apparatus and method
US20060118614A1 (en) Method for secure storing of personal data and for consulting same, chip card, terminal and server used to carry out said method
JPH05225139A (en) Process monitoring and control equipment
CN108229193A (en) A kind of wearable device end message encryption method, encryption data precaution device and wearable device terminal
CN101175324B (en) Safety guaranteeing method of user card
CN100459787C (en) Method for protecting user card
KR19990058592A (en) Terminal authentication key injection device and method for mobile communication network
EP1036382B1 (en) Protectedly reading out an enciphered, cryptographic key
CA2241834C (en) Method and device for data communication

Legal Events

Date Code Title Description
NAL Patent in force

Ref document number: 9102835-7

Format of ref document f/p: F

NUG Patent has lapsed

Ref document number: 9102835-7

Format of ref document f/p: F